Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
22 Cards in this Set
- Front
- Back
security communication implies the concepts of what |
Confidentiality: Unreadable by adversariesl Authentication: Validating communication receiver isintended target and verification that they are who they say they are lIntegrity: Proof that message hasn’t been tamperedwith Non-Repudiation: Validation to prove in a court of lawthat originator, and only originator, sent original message DataLoss Prevention:strategy for making sure that endusers do not send sensitive or critical information outside the corporatenetwork |
|
what is cryptography |
lThescience or study of the techniques of secret writing, especially codeand cipher systems, methods, and the like; anything written in a secret code,cipher, or the like. |
|
what is cryptoanalysis |
Astudy of mathematical techniques for attempting to defeat cryptographictechniques and information security services. |
|
lThereare 3 basic type of security that apply to communication technologies |
Hidingthe content or nature of a communication Hidingthe parties to a communication – preventing identification, promoting anonymity Hidingthe fact that a communication is taking place |
|
how do u hide content or nature of a communication? |
code, encryption, stenography, identity based |
|
what is stenography |
meansby which data can be hidden within other more innocuous data |
|
what is identity based networks |
True identitybased networks replace the ability to remain anonymous and are inherently moretrustworthy since the identity of the sender and recipient are known. |
|
what are typical ways of breaking comms security |
bugging, computers/it networks, laser audio surveillance |
|
what offer partial security |
anonymous cellphones, landlines, anonymous internet |
|
what provides more security? |
secure instant messaging, voip, secure email, IRC and web chat |
|
what is SIGINT |
SignalsIntelligence (SIGINT)is intelligence gathering by interception of signals |
|
what 2 things comprise SIGINT |
CommunicationIntelligence (COMINT) Communicationbetween people ElectronicIntelligence (ELINT) Communicationinvolving electronicsignals not directly used in communications |
|
what does cryptography provide? |
providesa mechanism by which information being communicated is transformed / garbled sono one else can easily understand it butthe intended recipient. |
|
lSo how does one construct a cipher thatenforces the 4 precepts of Confidentiality, Integrityof Data, Authentication and Non-Repudiation? |
lBygenerating one-way mathematical functions that are computationally impossibleto solve in polynomial time, it makes it unlikely that your adversaries willeasily or quickly find a solution to decode your messages. |
|
whata re the 3 gneral types of crypto algorithms |
Secretkey (private) Symmetricencryption Singleor 1-key encryption DES, AES Publickey Asymetricencryption Dualor 2-key encryption RSA, El Gamal, ECC Hash One-waytransformation Nokey encryption md5, sha |
|
which is faster, symmetric or Asymmetric |
symmetric |
|
which is more secure, symmetric or Asymmetric |
asymmetric |
|
top purposes of cryptio? |
Confidentiality By encrypting information with a key thatonly authorized users posses, can be used to protect information from pryingeyes Integrity By cryptographically hashing message,encrypting hash and then verifying hash at reception, can be used to detectinformation tampering in transmission Authentication: By requesting that user encrypts message,and the message tested against user’s stored key, can be used to prove identityof sender Non-repudiation: Allowsto prove in a court of law who the intended recipient of a message isW˞8@ |
|
what are some examples of public key systems |
PrettyGood Privacy (PGP) Digitallysign documents or e-mails SecureSocket Layer (SSL) Usedin virtually all current web browsers Kerberos Singlesign-on system for client/server authentication Usedby MS O/S |
|
what are 2 protocols ssl/tls use |
Handshakeprotocol allowsclient & server to mutually authenticate each other, exchange certificates,and negotiate the crypto algorithm to be used for hashing Recordprotocol isthen used to exchange encrypted data |
|
whats pki |
Public Key Infrastructure (PKI) managethe creation and distribution of public keys in a nice, efficient andtrustworthy manner Allows trust to be establishedbetween any members of the PKI, even if they have not interacted before |
|
what are the top 5 security risks for WLANS |
eavesdropping masquerading Attackerspoofs as legitimate node or AP DOS Rogue AP airborn virus |